Experience deploying vMX into AWS?
Does anyone have experience deploying the AWS Quick Start for Meraki vMX:
https://aws.amazon.com/quickstart/architecture/cisco-meraki-vmx/
I think that it will help you.
Please, if this post was useful, leave your kudos and mark it as solved.
We would love to hear your experience after you do it ... 🙂
Heh, yeah for sure will give an update once I figure it out one way or the other.
I was able to successfully deploy the AWS Quick Start for Meraki SD-WAN. It worked pretty much as expected. In this case, the customer already had an existing TGW, so I was able to comment out the CloudFormation code to build a new TGW and used the TGW ID in all the spots that referenced the new TGW, and it worked fine.
It would be nice if vMX was capable of being used with AWS GWLB or able to somehow integrate directly with AWS routing to pass routes; the VPC limitation of 100 routes is a problem for my customer. They are using it for DR, so normal runtimes are fine, but in a DR scenario, should the vMXs become the primary hubs, then the script to add all the routes in the VPC route table would be problematic once 100+ routes are in the vMXs.
Hello @bonzovt
Can you please help me with a similar issue?
I also have a tunnel between AWS and my on-premises resources via Meraki vMX, but additionally, I would like to apply some firewall rules in my AWS account, so I added them to a security group that is attached to the EC2 instance. Unfortunately, it didn't work for me; traffic is still unrestricted, so it looks like that security group does not work for inbound traffic, only for outbound.
So I would like to understand in what way traffic reaches AWS resources from on-premises?
I solved this problem using a Catalyst 8000V router between the TGW and the vMX. Its function is:
1. Establish BGP with vMX (multi-AZ);
2. Establish BGP with TGW over the GRE tunnel with TGW attach connect;
3. Receive the routes coming from the vMX and teach these summarized routes to the TGW. This solves the problem of the capacity of 1000 prefixes.
4. Control routing with AS-prepend.
